No 2 | 2016

Highly secure document exchange any place and any time

Focus: From punched cards to modern, highly secure databases
Diplomacy in a networked world
Protection of highly sensitive data – more important than ever
Interview with Peter Fischer, Delegate of the Federal IT Steering Unit (FITSU) of the Swiss Confederation
Secure cloud computing – fact or illusion?
Quantum computers: the supercomputers of the future

Dear Readers

Mobile access to information in the form of electronic data is part of everyday life in our modern society. Given this global availability, companies and government authorities face huge challenges, which call for a holistic approach to information security solutions.

That is why information classification has established itself worldwide as a method of assuring the integrity and confidentiality of documents. Peter Fischer, Delegate of the Federal IT Steering Unit (FITSU), explained in an interview how the Swiss Confederation deals with this topic.

Symmetrical and asymmetrical encryption methods are employed for saving and sending highly sensitive data. This issue of CryptoMagazine tells you how these methods work and whether they are threatened by quantum computers.

Giuliano Otth
President and Chief Executive Officer

Publication details
Published twice a year
Print run | 6,200 (German, English, French, Spanish, Russian, Arabic)
Publisher | Crypto AG, P.O. Box 460, 6301 Zug, Switzerland, www.crypto.ch
Editor-in-chief | Anita von Wyl, Crypto AG, T +41 41 749 77 22, F +41 41 741 22 72
Reproduction | Free of charge with the consent of the editorial office. Courtesy copies requested. Copyright by Crypto AG
Illustrations/photo credits | Crypto AG: p. 2 | illugraphic: p. 3 | Keystone: pp. 11, 13 | Peter Fischer: p. 15 | Shutterstock: cover, pp. 3, 4, 7, 9, 15, 16, 18, 20, 21, 23

Focus

From punched cards to modern, highly secure databases

The secure management of electronic documents is becoming an ever bigger challenge. One reason is the need to be able to access databases at any time and from any location. This capability is also desired by government ministries, national banks and armed forces today.

Even major powers are not immune from harm despite their seemingly unlimited resources. In recent years, so-called whistle-blowing websites have been regularly naming and shaming governments of small countries but also very large ones. They have published strictly confidential documents. Even secret service information has been made public in this way. The scandals are anything but accidental in light of the rapid pace of technological change. And the prevailing consensus is that the risk of these data leaks can be reduced considerably with the right methods. But let us take one thing at a time.

Human beings have been occupied with document protection ever since documents have been around. Wax and lacquer seals were already being used in medieval and early modern times as a means of certifying documents. A seal back then was also able to prove the integrity of a document – if, say, it was in an envelope sealed in this manner.

Then, however, the subject took on a completely new dimension when the physical world gave way to the digital world. The late 1960s and early 1970s saw the emergence of the first electronic databases. They triggered a set of developments whose end is not even in sight yet.

Two technologies converge

A prerequisite for the emergence of databases was the convergence of two lines of technological development according to Carl August Zehnder, Professor Emeritus for Computer Science at the Swiss Federal Institute of Technology Zurich. In an article, Zehnder wrote that the combination of steadily improving computers and increasingly powerful data processing is what made databases possible in the first place.
For highly sensitive data, the question of the adequate protection level is quickly answered.

Data processing has its roots in the nineteenth century. Initially, punched cards allowed routine tasks to be carried out by machine; a loom controlled by punched cards is one example of this application. In the 1890 national census in the United States, punched cards were employed for the first time not as control elements but as data media.

The first computers date back to World War II. Konrad Zuse, a German civil engineer, is the best known developer of these devices. His fully automatic Z3 from 1941 is considered the first functional computer in the world.

From the 1960s, the technologies of computers and data processing converged. It then became possible for several individuals to work simultaneously on mainframe computers, according to Zehnder. The database as defined by Zehnder had come into being, i.e. "a computer-assisted device for the orderly saving and retrieval of large volumes of data by multiple users".

Distance suddenly irrelevant

Since then, computers have become increasingly smaller and more powerful. And the 1990s saw the dawn of a new era: with the advent of the Internet, geographic distance suddenly became irrelevant. What had begun as a data exchange system among individual universities spread rapidly across the entire globe. Today everyone wants to be able to surf the Internet on a computer or smartphone at any time even while on the move.

This kind of mobile access to databases is therefore increasingly becoming a matter of course. Users want to be able to access and modify the desired documents at their home office, on the way to work, or at the customer's premises – and do so with no restrictions in terms of operation. Parallel to that, databases are becoming more complex.
Simple document archives have become key elements for business processes also used for quality control and for compliance with legal and financial regulations.

What is an adequate level of protection?

In the meantime, everyone is aware of data protection. But the prevailing opinion is that most everyday systems cannot offer full security. There are too many hardware and software components in play for that, and individual elements have to be replaced or updated too often. The frequent occurrence of malware is proof of that. In many cases, better protection is also limited by financial budgets: companies have to ask themselves the question: what is an adequate level of protection?

This question does not arise for highly sensitive data because it automatically requires a higher security level. Thus, diplomats stationed at an outpost have to be able to send data to headquarters without anyone else being able to read it. The same holds true for the top officials of national banks. They also have to be able to access their database at any time and from any place, so they can intervene if necessary. Of course, security systems of nuclear power plants or of large dams are likewise classified as highly sensitive.

And the same is true not least of the armed forces: a crucial factor in modern warfare is quick, secure access to information material. Experts say that the previous "need to know" culture has evolved into a "need to share" culture. The unhindered and secure exchange of information is therefore a central element in the success of an operation. Put simply: a war can hardly be won any more without well-protected and constantly accessible databases.

This protection entails not only safeguarding the databases against intruders and thereby preventing tampering. Equally important is protection from sabotage.
This term includes attacks that make database access more difficult for users or even impossible for short or long periods. In addition, sabotage also signifies attacks aimed at destroying the data.

Software is not enough

To provide adequate protection for highly sensitive data, it is often not enough merely to rely on software solutions for login and data transmission. What is in fact needed is hardware that encrypts data traffic with individual algorithms. This encryption is taken care of, for example, by modules plugged into a notebook or inserted in a smartphone. This approach protects data while it is being retrieved, edited and sent. An important aspect of working outside a protected network is that data – such as e-mails for example – is also protected when saved locally. Comprehensive systems do just that.

The decisive factor for overall system security is that all points of access to a database are protected. Classical copper cables as well as modern fibre-optic networks can usually be tapped, however. In the governmental realm, use is also made of microwave and satellite links, which are more efficient, especially in times of crisis or in remote areas. Microwave technology in particular is especially susceptible to covert tapping and sabotage if not sufficiently protected.

And what does the future have in store?

Experts agree that database protection will become more and more complex. Additional attack scenarios are conceivable given the further digitisation of society and the spread of the Internet of Things (IoT). IoT entails machines communicating increasingly among themselves. Carl August Zehnder, Professor Emeritus at the Swiss Institute of Technology Zurich, had this to say of the future: "The technical advances in IT will continue and give rise to amazing new possibilities for all of us."

Diplomacy in a networked world

In the twenty-first century, successful foreign policy is based on secure information and communication. New technologies have opened up communication channels for players worldwide that can be powerful instruments, especially also for diplomats. After all, diplomatic activity is performed increasingly in the eye of the digital public. Nevertheless, it is vital to retain secrecy as a delineating factor for complex negotiations – regardless of which communication technologies are utilised.

The digital world is no longer conceivable without the hashtag (#). In 2007, the hash character (number sign) began being employed to tag terms. Ever since, its use has multiplied millions of times over, also in embassy communication. "Have you ever been to #Geneva?" The Swiss embassy in the US recently asked its followers this question on Twitter. The reason for the tweet was a TV report on Geneva, the Swiss city known the world over as headquarters of international organisations, and its multicultural population. In our digital age, the Swiss foreign ministry views these references, but also event tips aimed at a broad public, as being suitable means for conveying a fresh image of Switzerland and for forging new networks.

The first fledgling steps of the Swiss Confederation on the stage of e-diplomacy go back to 2012. In a pilot project, ten Swiss representatives abroad began making forays into social media. The activities at the time were limited at most to posting three messages a day on the Facebook page and on the Twitter channel. Four years later, the volume has quadrupled and the reach has grown markedly. Today, more than 2,500 people follow what Swiss embassy personnel in Washington DC (USA) are communicating on its Twitter channel; its followers on Facebook number 50,000. In the meantime, social media are considered important tools of diplomatic work.

Whether digital or conventional – the secure and confidential exchange of information must be assured at all times regardless of the means of communication used.
Diplomacy in the digital age

As a tool of public diplomacy, new technologies are used as a means of involving the growing and changing communities of players everywhere in the world with an eye to building up relationships. The object is to understand the needs and special characteristics of other countries, cultures and people, to communicate one's own views, to rectify incorrect perceptions and to counter governmental propaganda actively.

Classical diplomacy concentrated on the relationship between governments on a formal level whereas the twenty-first century has seen a marked increase in the number of players relevant to diplomacy. These players include non-governmental organisations, cultural and academic facilitators, corporations, lobbyists, media and of late, also the local population in particular. The intent is to influence their perception or opinion in one's own interest by making full efficient use of the possibilities of digital diplomacy.

This change in the diplomatic service was set off by digitisation and its end is not yet in sight. Until now, it has reduced the importance of diplomats' legal and political functions while augmenting their symbolic functions in the form of public diplomacy. The ambassador is present on all channels, holds lectures, gives interviews and explains the policy of his own country to the public in his host country.

However, the greater use of social media as an instrument of e-diplomacy also entails risks and consequently requires certain guidelines. Otherwise, a verbal exchange of blows can ensue between governmental representatives. The effect is counter-productive on both sides because it can generate negative headlines. And as before, e-diplomacy experts point out that the following rule still applies: it is still not (yet) permitted to tweet each other about the successful signing of an international treaty.
Technology accelerates the pace of diplomacy

Technological progress has accelerated not just the trend toward digital diplomacy especially in PR work, but also the pace of diplomacy as a whole. This trend was enabled by the nearly full-coverage supplementation or even replacement of analogue cable-bound communication channels – such as the public phone system, also known as PSTN – with fast digital, packet-orientated communication channels. The latter are increasingly also wireless, in other words, radio-based.

In times of crisis, these locally available terrestrial networks, such as the PSTN, the Internet or 3G or 4G mobile networks, are at risk of being destroyed or of failing temporarily. Certain embassies therefore make use of short-wave radio and/or VSAT satellites additionally or as back-ups to assure communication independent of local networks. Short-wave radio entails substantial investments in infrastructure and permits communication that is always slow and digitised only under certain circumstances.

Embassies and missions of the foreign ministries today therefore rely to a larger extent on means of broadband satellite communication such as Inmarsat BGAN, Global Xpress or Thuraya IP. These services have become much less expensive and are available worldwide for both stationary and mobile use. As such, they meet the demands put on today's digital communication technologies in our globally mobile and networked society.

Digitisation and networking are advancing rapidly. People are using new means of communication intensively and demanding greater transparency. Against this backdrop, it is vital that relative secrecy be retained as a delineating factor for complex negotiations also for diplomacy in the twenty-first century. To this extent, secrecy is considered more valuable than ever as a common currency of diplomacy.
And this is why: whether digital or conventional – the secure and confidential exchange of information must be assured regardless of the means of communication used.

Even if diplomatic activity occurs increasingly in the realm of public diplomacy, the classical areas in which diplomacy is used remain relevant. One example would be the coordination of an exchange of prisoners between two countries that have no reciprocal diplomatic relations – i.e. that have no communication channels – and therefore have to rely on a third country acting as mediator.

Complicated triangular relationship

In a constellation of this kind, the country acting as mediator is responsible for reconciling all details of the barter with both sides: all coordination tasks are routed through the mediator, from the parties' negotiating positions and the documentation of the intermediate results to the way the transfer itself proceeds.

A project of this type requires highly secure standards in communication. It is imperative that neither of the two parties become privy to the opponent's correspondence or decisions. In addition, it is vital that the public in neither of the two countries find out anything either. The mediator therefore has to use an encryption technology for all forms of correspondence. If all employees use an algorithm of this kind to transmit secret messages, none of the countries can find out anything outside official communication.

But not all information being sent back and forth between the parties via the mediator is subject to the same degree of secrecy. To avoid having to encrypt every message, it is worthwhile classifying messages by differing degrees of confidentiality and carrying out a coded transfer according to the level of confidentiality – as has been the practice since the earliest days of diplomatic communication.
A former top Swiss diplomat summarised the change in diplomacy as follows: "Communication remains the central element in diplomacy. And its protection must be guaranteed at all times no matter which technologies are employed."

[Figure: network diagram. Labels: Travelling Minister, Ministry of Foreign Affairs, Embassy, Crypto Mobile, Mobile Client, Crypto Desktop, Crypto Red Enclave Gateway, Call Manager, IP VPN Encryption, IP Network, Mobile Network, Red enclave zone, Remote access zone]

Information security for office communication

Written communication is considered valuable in diplomacy for a number of reasons: written messages have a binding character, can be archived and bridge time zones. Faxes and/or e-mails are therefore important applications, but so is telephony in operational contexts. The end-user products from Crypto AG for voice, fax, messaging and remote access are ideal for providing maximum information security to protect these types of communication.

The Crypto Desktop HC-9300 is a platform that enables top-security embassy communication with its end-user applications. Fax messages can be sent not only over classical PSTN networks but following encryption, they can also be transmitted as e-mails. The encryption of e-mails, data and VoIP telephony round out the product as an office security solution. If more mobility is required, the Deployable Secure Mobile Office DSSS-1031 combined with HC-9300 provides a mobile office that is ready to operate and has all the necessary components and means of communication.

The Secure Mobile Phone with the Crypto Mobile HC-9100 is the mobile member of the Crypto Secure VoIP System. It uses packet data services of mobile networks for communication via WiFi but also via other IP networks. If a mobile satellite terminal, such as the Inmarsat BGAN terminal iSavi is employed, the communication network can likewise be accessed via satellite communication.

The Crypto Mobile Client HC-7835 gives travelling members of the diplomatic corps remote access to central ICT infrastructure. This platform for users on the move is the perfect tool for protecting data of the most varied ICT applications locally or by means of VPN encryption for transmission. There is a mobile office system all ready for operation with Mobile Client, too: the Deployable Secure Mobile Office DSSS-102x.

Crypto Desktop HC-9300
Presenting the encryption platform for the modern office. Customised security applications deliver maximum security for the transmission of voice, fax and data.

Crypto Mobile HC-9100
Crypto Mobile HC-9100 is a complete all-round encryption platform in the format of a micro SD card with impressive performance capabilities.

Crypto Mobile Client HC-7835
This platform for users on the move is the perfect tool for protecting data by means of encryption for transmission and saving.

Protection of highly sensitive data – more important than ever

Information is often so sensitive that enormous risks are associated with it becoming known to the public – for government action, for national security, for businesses. That is why a holistic approach is required for saving, editing and transmitting digital documents.

It was revolutionary and considered unbreakable – the Enigma encryption machine. The Wehrmacht – the German armed forces under the National Socialists – employed the device in World War II to encrypt its communication. It did so with great success for a long time. Yet the Allied Powers managed to crack the code at huge expense and effort technologically and in terms of personnel. Suddenly, the military and intelligence agencies gained insights into encrypted radio signals. This capability was crucial for the Allies' victory. Historians all agree: the insights that intelligence agencies gained from the compromised Enigma system shortened the war by years and in all probability, saved millions of human lives.
Down to the present day, the encryption of secret information is crucial to protecting it from being tampered with or from being accessed by unauthorised parties. Data encryption means changing the data in such a way that its content is no longer recognisable. Plain text is transformed into secret text. However, "text" is an outdated term. Enigma still encrypted solely letters whereas twenty-first century encryption systems save and transmit data almost exclusively in digital form. This data includes text documents and data files as well as voice, videos, e-mails, program codes, fax and phone calls.

The advantage of encryption is this: even if unauthorised parties tap the data, its content remains confidential. Modern encryption techniques are based on such complex mathematical processes that it would take countless years to reconstruct the plain text even using the fastest computer in the world.

Encrypted all the way to the recipient

Encrypting the information is just one side of an ICT security system. It is vital that all authorised users have access again to the sensitive data. The goal of ultra-secure document management is to make sure the documents remain encrypted until the end users open them on their devices. Only authorised recipients can decrypt the information. If third parties intercept the secret data while it is being transmitted, they cannot do anything with it. In this end-to-end encryption, use is made of keys very comparable to the door keys, with which everyone is familiar from everyday life. The key closes off access to data content and the end user, in turn, needs a key to obtain access to the information.

Symmetric encryption is employed for saving and sending highly sensitive documents. With this method, all communication partners utilise the same secret key – it is used to encrypt information at the sender's end and to decrypt it at the recipient's end. Another big advantage of this process is this: even documents containing large quantities of data can be encrypted and transmitted quickly in this way.

In asymmetric cryptographic processes, for their part, everyone involved uses a mathematically created pair of keys: one of these keys is publicly available – for instance on the Internet and retrievable via authenticated channels – and enables data to be encrypted in such a way that it can only be decrypted with the appropriate private key. Asymmetric decryption is slow, however, and is suitable only for small quantities of data.

That is why hybrid cryptographic processes are used as well: a combination of symmetric and asymmetric encryption that utilises the advantages of each method. Hybrid encryption is employed, for example, in e-banking, in payment systems on the Internet or in secure e-mail communication. You will find out more about these two methods in the article "Quantum computers: the supercomputers of the future" on page 20.

Information classification scheme

Government organisations have a classification system for determining the degree to which a given item of information is worthy of protection. Classified information is commonly categorised according to a four-level model. Any information not categorised as belonging to one of these classification levels is deemed to be unclassified. The various classes of information and infrastructure for processing information are assigned to their respective security zones.

[Figure: Mapped security zones. High-security zone: Top secret, Secret | Secure zone: Confidential | Trusted zone: Restricted | Public zone: Unclassified]

The highly secure treatment of documents requires holistic architecture.

Holistic approach to security

The more sensitive the data, the better protected their integrity and confidentiality must be. There are myriad possibilities for attacks: information can be tapped at a storage site or while being transmitted over a hidden channel.
Keys can be stolen, manipulated and misused. There is also the danger of individuals without access rights getting their hands on classified documents.

The secret data streams flow over different media: cables, optic fibres, satellites, radio networks and microwaves. The confidential information does not always move on trustworthy paths. In smaller work networks, the transmission paths are usually still clear-cut and secure. In large networks, the communication partners are far from each other geographically and the data is transmitted over non-trustworthy paths such as the Internet. This approach increases the challenge put on security measures.

The secure transmission of highly sensitive documents entails a correspondingly higher degree of technical effort and expense but is worthwhile: the loss of top-secret documents is often a serious risk for a country or a company. The same holds true for files that are compromised. Their restoration or the chore of setting up a new security system involves effort and expense that soon exceeds the operating costs for the original security measures.

In light of the diverse risks and data transmission routes involved, the ultra-secure handling of documents must be broadly based, which calls for a holistic architecture. Along with technical measures and cryptographic processes, organisational measures are also required, such as an orderly assignment of access rights. The data being protected is classified according to its degree of confidentiality and divided into security zones, which only authorised individuals have the right to access. For instance, data with a security classification of "secret" is processed in high-security zones, to which only a small group of individuals have access. Or data classified as "restricted" is processed in security zones with a lower degree of protection, to which substantially more people have access. Within these zones, users can securely read, edit and save the protected documents again.
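
The hybrid process and the classification levels described above can be combined: the document is encrypted symmetrically, the short symmetric key is wrapped asymmetrically, and the classification marking is authenticated together with the ciphertext so that relabelling in transit is detected. The following Go code is an added example, not code from the magazine or from Crypto AG; the Envelope layout, the function names and the choice of RSA-OAEP with AES-256-GCM are assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Envelope crosses the untrusted path; its layout is an assumption of this example.
type Envelope struct {
	Classification string // readable marking; authenticated, not encrypted
	WrappedKey     []byte // one-time AES key under the recipient's public key
	Nonce          []byte // AES-GCM nonce, fresh per document
	Ciphertext     []byte // document under the one-time AES key
}

var ErrRejected = errors.New("envelope rejected") // hides which check failed

// NewRecipientKey creates the recipient's asymmetric key pair.
func NewRecipientKey() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts the document symmetrically (fast, any size) and wraps the
// short symmetric key asymmetrically (slow, small input only).
func Seal(pub *rsa.PublicKey, classification string, doc []byte) (*Envelope, error) {
	key := make([]byte, 32) // AES-256 key used for this document only
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	label := []byte(classification)
	// The marking is additional authenticated data for AES-GCM and the OAEP
	// label for RSA, so both layers fail if it is altered.
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, label)
	if err != nil {
		return nil, err
	}
	return &Envelope{
		Classification: classification,
		WrappedKey:     wrapped,
		Nonce:          nonce,
		Ciphertext:     gcm.Seal(nil, nonce, doc, label),
	}, nil
}

// Open unwraps the key with the private key, then decrypts and verifies.
func Open(priv *rsa.PrivateKey, env *Envelope) ([]byte, error) {
	label := []byte(env.Classification)
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, env.WrappedKey, label)
	if err != nil {
		return nil, ErrRejected
	}
	gcm, err := newGCM(key)
	if err != nil || len(env.Nonce) != gcm.NonceSize() {
		return nil, ErrRejected
	}
	doc, err := gcm.Open(nil, env.Nonce, env.Ciphertext, label)
	if err != nil {
		return nil, ErrRejected
	}
	return doc, nil
}

func main() {
	priv, err := NewRecipientKey()
	if err != nil {
		panic(err)
	}
	env, err := Seal(&priv.PublicKey, "SECRET", []byte("constructed sample: draft note"))
	if err != nil {
		panic(err)
	}
	doc, err := Open(priv, env)
	fmt.Printf("%s: %q (err=%v)\n", env.Classification, doc, err)
	env.Classification = "RESTRICTED" // marking downgraded in transit
	_, err = Open(priv, env)
	fmt.Println("after relabelling:", err)
}
```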
Between the zones, protective technical barriers, such as gateways of all kinds, are set up to control the flow of data and stop it if need be. These transition points between the individual protective zones are usually the most vulnerable places in a security system. At these spots, attackers can find the breaches through which they can hack into the system. Data whose confidentiality and integrity must meet the highest security standards is therefore kept apart even physically from the other zones and the Internet. This drastically limits the access possibilities but also the chances of data being stolen.

INTERVIEW

"The higher the degree of protection, the more rigorous the personal security check."

The Federal IT Steering Unit (FITSU) ensures implementation of the information and communication technologies (ICT) strategy in the Federal Administration. For this purpose, it issues guidelines for the administrative units and manages the ICT standard services. The FITSU also manages the eGovernment Switzerland Programme Office as well as the Reporting and Analysis Centre for Information Assurance (MELANI).

Mr Fischer, what does the classification of sensitive data entail and what benefits does it provide?
It entails categorising data according to how worthy of protection it is. In Switzerland, the authority in charge of the pertinent regulations is the Departmental Sector for Information and Property Security in the Federal Department of Defence, Civil Protection and Sport (DDCPS). Using classification, we distinguish data that is more worthy of protection from data that is less worthy. Then, efficient preventive measures can be taken to keep unauthorised parties from becoming privy to information worthy of protection.

What secrecy levels does the Swiss Confederation use? And: do Swiss practices differ from those in other countries?
In Switzerland we use the following classification system: INTERNAL, CONFIDENTIAL and SECRET.
Other countries such as Germany, for example, have TOP SECRET as an additional level.

Classification also involves assigning access rights. What criteria are applied in doing so?
Basically, access to a document should be granted to those individuals who need it to perform their job. But they must fulfil certain conditions for each classification level, including the necessary eligibility and education. The higher the degree of protection, the more rigorous the personal security check, for instance.

Secret written documents were once marked with a corresponding stamp. How is the degree of secrecy of a digital document made known today?
CONFIDENTIAL and SECRET appear as classification notations on the top of each page and the document is encrypted.

Identification when accessing a document: what can be done to make sure that the individual wishing to access the classified documents is in fact the authorised person?
Appropriate authorisation concepts and access systems can be used to enable secure identification. The classified information should be made accessible only to those individuals who absolutely need to know it (need-to-know principle).

Peter Fischer is Delegate of the Federal IT Steering Unit (FITSU) of the Swiss Confederation, making him the top IT official in the Federal Administration. As head official, the law graduate is in charge of the entire spectrum of information and communication technology. Fischer has been performing these duties since 2011 and reports directly to the Federal Council.

What forms of classified information are prevalent?
Primarily text, graphics and e-mail.

"DRM solutions have their limitations, as attacks in the entertainment industry show."

How does the Federal Administration of Switzerland guarantee the secure transfer of sensitive data?
From a classification CONFIDENTIAL and above, the data must be transmitted in encrypted form.

How do you prevent the loss of sensitive data?
Through regular data backups to counter loss. Network transition points are guarded to prevent data outflows. Along with perimeter protection, behavioural analyses increasingly have to be conducted in the systems in general to counter and detect cyber attacks.

How does the Federal Administration protect sensitive data? And: how can data theft be uncovered?
There is almost no such thing as absolute protection. Sometimes, data theft is detected, if at all, when the data is misused. It can be determined, for example, by checking log files for salience. Digital rights management (DRM) solutions have their limitations, as attacks in the entertainment industry show.

Today, people demand that data be available at all times and places. What challenges arise for security from this demand?
Decision-makers require constant access everywhere to the data they need to perform their jobs. If possible, they should even have this access from their smart devices that they use on a daily basis. This capability is in conflict with the security requirements and measures. One big challenge is to pack adequate security into standard mobile devices; the tapping of German Chancellor Angela Merkel's mobile phone is a case in point. This conflict of interest cannot be completely resolved at the moment. In fact, the goal must be to optimise the situation based on the relative importance of the interests involved. Psychology plays a large role. Often a solution that is "only" safe is preferable to a solution that is extremely safe but never used.

Has the protection of secret data improved or worsened as a result of digitisation?
Probably worsened because the barrier of physical penetration no longer exists with digitisation. That is why, say, secret data in the Federal Administration is processed only in isolated systems and networks. In exchange, however, digitisation opens up new opportunities for data use. That plus must be weighted accordingly.
■■ Community cloud
If several private clouds join together, the combined cloud is known as a community cloud. User access to different private clouds can be controlled by access rights.

■■ Hybrid cloud
The combination of various types of clouds (public, private and/or community) is known as a hybrid cloud. Combinations of this kind arise if someone from within a private cloud, say, accesses services in a public cloud or if organisations and companies are using applications in public clouds but keep some of their data in the private cloud.

Services are divided into three different types. Although they are based on each other, they are considered to be independent areas. These areas are hardware (IaaS), operating system (PaaS) and application (SaaS).

IaaS stands for "Infrastructure as a Service" and signifies the foundation on which a cloud system is based. The cloud provider is responsible for the proper functioning of the network (virtual resources) and for access to the hardware on offer (physical resources). However, the users have access to the computing entities, which can be expanded or narrowed depending on requirements.

With "Service Platform as a Service" (PaaS), the provider makes available an application that it developed. This service is utilised primarily by software developers. The programming languages and interfaces are specified by the provider, however.

Secure cloud computing – fact or illusion?

Cloud computing is becoming a key work instrument for more and more companies and organisations: it makes data available virtually everywhere and eliminates high IT costs. The crux of the matter, however, is information security. Not all cloud services are suitable for highly secure communication.

Information technologies are changing rapidly and with them, the possibilities users have. A key role in this process is played by cloud computing, in other words, using IT resources over the Internet.
Data is no longer saved and processed in local infrastructure but instead in a network of remote servers hosted on the Internet and known as a cloud. Users can access their own personal work environment from different devices (laptop, tablet, mobile phone, etc.). A connection is established to the cloud via IP (Internet Protocol) networks.

Different models and services
But the term cloud means different things to different people. Cloud computing encompasses a variety of models and services. The literature refers to four common models.

■■ Public cloud
The public cloud is a publicly accessible cloud. In this model, the services of an external provider are open to all users. A user is not able to determine himself which other users share the hardware of this cloud with him. A virtual delineation does exist, however; namely, each user sets up a profile that is protected from being accessed by other users.

■■ Private cloud
The private cloud, for its part, is not publicly accessible. Use of the services is available solely to operators within a company or an internal department. The private cloud is geared to the specific needs of the user and separated physically from other systems.

The term "Software as a Service" (SaaS) is then used at the application level. The users need not bother about either the application or scalability or data storage; they simply make use of the functions of the cloud as provided. But the users have no influence on and no access to the infrastructure and resources of the cloud provider.

[Diagram presenting the different cloud computing models]

[Image caption: IT infrastructures, among other things, are made available in the cloud]

Risks in the cloud
From certain perspectives, cloud computing offers companies and organisations various advantages: it greatly reduces investments in hardware and software licenses or eliminates them altogether.
Nonetheless, users obtain access to a highly flexible infrastructure that can be adapted at any time to meet new requirements. The cloud providers take charge of the installation and maintenance of IT systems, thereby slashing high personnel costs and enabling users to concentrate on their core areas of business. Costs can also be reduced in private clouds if, for instance, services are used centrally instead of being installed on every individual device.

Along with all the advantages, there are also disadvantages to using cloud services, especially when it comes to security. This is particularly true of public and hybrid clouds. Under certain circumstances, the confidentiality, integrity and authenticity of the data may be on more than questionable footing in these types of clouds.

When utilising a public or hybrid cloud, users often do not know where the data is stored. They therefore have little to no influence on protecting their data from being viewed (confidentiality) and from it being changed in undesired ways or damaged (integrity). They have no other choice but to trust the provider. The secure allocation of information to the sender (authenticity) may also be difficult to verify under certain circumstances and entail security risks especially in sensitive areas.

Public and hybrid clouds are risky options for secure communication solutions.

Users of public and hybrid clouds are also at the mercy of the providers with respect to the availability of services. They have to rely on the provider's information that it sufficiently protects its infrastructure physically (e.g. from natural disasters) and virtually (properly functioning networks). Consequently, public and hybrid clouds are risky options from a security perspective; specifically, they are unsuitable for meeting the highest demands placed on secure and highly secure communication solutions.
Security architecture
By contrast, private clouds can satisfy highly secure standards if corresponding precautions are taken. One possibility is to operate the cloud oneself. In other words, the company or the organisation has its own servers, technologies, applications and correspondingly qualified IT personnel. Whether the private cloud is operated internally or externally (or in a hybrid approach), the security requirements remain the same.

Ideally, the security aspects of the information solution are already considered during the design phase. In other words, the network architecture is orientated toward different information security zones. These zones, in turn, are formed on the basis of various classification levels – for instance, CONFIDENTIAL, SECRET and TOP SECRET. The protective zones are separated cryptographically from each other.

What that means for the transmission of sensitive and highly sensitive data is that the data is protected prior to transmission with end-to-end encryption. As a result, only cryptographically protected data is uploaded into the cloud. The connection from the cloud over the Internet is encrypted and protected by cryptographic means. To achieve a high degree of security, cryptography must be implemented on a protected hardware platform. These devices are no larger than a cigarette packet and can also be utilised on the move.

To be able to operate a highly secure private cloud, there are a few more factors to keep in mind. The cloud hardware, for example, must be housed in highly secure rooms. The expert personnel – internal and external – undergoes a security check. And perhaps most crucially: employees who work with cloud services must be duly sensitised to the fact that they work in a highly secure area. After all, mindful conduct is central to optimum security.
Quantum computers: the supercomputers of the future

Quantum computers solve certain arithmetic problems many times faster than digital computers – theoretically anyway. Quantum computing is still far from being an actual application and of practical use. Nevertheless, it is worth contemplating what real quantum computers would mean for the security of cryptographic systems.

A quantum computer is a computer that functions on the basis of the laws of quantum mechanics. The theory was developed in the mid-1920s with a view to understanding the world of the very tiniest entities. The characteristic trait of the quantum world is wave-particle duality: subatomic particles can behave like waves and light waves can behave like particles. A further aspect is the phenomenon of superposition. That means particles can do two or a hundred or a million things simultaneously. The quantum world therefore consists of a variety of overlapping probabilities.

This complexity cannot be calculated with a conventional computer. That is why the physicist and Nobel Prize winner Richard Feynman suggested carrying out the calculations of the quantum world with a quantum computer. Unlike a digital computer, a quantum computer does not operate on the basis of the laws of classical physics but instead on the basis of quantum mechanical states, which go substantially beyond the rules of the classical theories.

Unlimited possibilities for movements
To understand how quantum computers might work, it is helpful first to depict the bit of a classical computer as a type of spherically shaped compass. Its needle is pointing either to 1 (the North Pole) or to 0 (the South Pole) and can change between these two states by being turned 180 degrees. The central processing unit of a computer consists of millions of one-bit switches. The equivalent of a bit in a quantum computer is a qubit. The qubit is similar to the classical sphere.
But its possible movements are not limited to a rotation of 180 degrees. The qubit can turn by any number of degrees in space. The quantum mechanical sphere can also point in several directions at once (superposition). Owing to this extreme flexibility, a qubit can code more information than a classical bit. And the computing performance is all the greater because qubits work with quanta entangled – as if each qubit sphere were connected by elastic threads to every other qubit – also known as quantum coherence. Consequently, the performance of a quantum computer doubles if a single qubit is added. In contrast, the performance of a classical computer grows linearly with the number of bits.

[Figure: Bit and qubit. A bit is either 1 or 0. The qubit plays an analogous role and serves as the smallest possible storage unit]

Theoretical studies suggest that if these effects were fully utilised, certain problems in computer science, such as searching in extremely large databases and factoring extremely long numbers (dividing a product into its prime factors), could be done much more efficiently than with classical computers. We could then solve the mathematical problem on which the security of several cryptographic processes is based.

Chinese building the first quantum computer
But the quantum computer is currently still a theoretical concept. The reason is that for a quantum computer to work, the qubits are allowed to interact solely with each other (quantum coherence) in order to carry out calculations. That means they would have to be completely shielded off from the environment. To bring this situation about, quantum physicists avail themselves of physical systems: they code the qubits in a handful of atoms, cool the system to a fraction of a degree above absolute zero and surround their apparatuses with an abundance of insulation material to shield out all environmental influences.
On a small scale, several concepts of this kind were tried out in the laboratory, resulting in quantum computers with a handful of qubits. In 2011, for instance, Chinese scientists succeeded in factorising the number 143 into its prime factors (13 and 11) with the help of only four qubits. This feat makes it clear that the further development of today's generation of quantum computers into useful devices remains a huge challenge. Quantum computing is still far from being an actual application and of practical use. The obstacle: although the computing performance increases with each additional qubit, so too do the problems of maintaining quantum coherence. In other words, decoherence sets in long before the computer manages to complete even the simplest calculation.

Efforts are being made to bring about advances in quantum technology. The EU Commission, for one, has decided to foster the development of quantum technologies. The programme is set to begin in 2018 and has one billion euros in funding. Quantum computing is among the technologies to be developed under this programme.

Cryptographic systems
The question therefore arises as to which information security solutions could be threatened by quantum computing. There are basically two types of encryption: symmetric and asymmetric.

■■ Symmetric cryptographic systems: The keys for encrypting and decrypting a message are identical – both participants use the same key. Symmetric cryptographic systems enable high encryption throughput: the Advanced Encryption Standard (AES), for example, is 1,000 times faster than the asymmetric cryptographic system RSA. For symmetric encryption processes, quantum computers pose a relatively minor threat. After all, the security of a key as measured in bits can be reduced by the Grover algorithm by half at most. The boost in computing performance could be countered with correspondingly long keys.
■■ Asymmetric cryptographic systems: The keys for encrypting and decrypting a message are different. These processes are also called public key processes. The principle of asymmetric encryption is essentially based on each communication partner generating one pair of keys apiece (consisting of two keys). One of the keys is kept secret; it is known as the private key. The second key is made accessible to each participant willing to communicate. This second key is therefore called the public key. In other words, everyone who knows the public key can encrypt a message, but only individuals who know the private key can decrypt that message. Security comes from the fact that it is impossible to calculate the private key based on the public key.

Today, RSA is employed for asymmetric encryption processes. The name RSA comes from the first letter of the last names of its three inventors: Rivest, Shamir and Adleman. They developed the process in 1977. RSA encryption utilises what are known as one-way functions. One can imagine these functions as mathematical one-way streets. The calculation in one direction is very easy (encryption). If one attempts to compute it in the opposite direction (decrypting without keys), the task becomes very difficult.

Unsuitable for actual practice
A one-way function of this kind consists of the multiplication of prime numbers. It is very simple to multiply two prime numbers. Example: 3,259 times 5,431 equals 17,699,629. But if the inverse problem is posed, it is much more elaborate to solve: "What divisors exist for the number 17,699,629?" The problem is that no fast algorithm is known for factoring a large number into its prime factors. A conventional computer fails already in dealing with a 100-digit product.
In actual practice, use is made of 300 to 600-digit products that even the fastest high-performance computers are unable to factorise again, not even in concert with each other. This security is only practical, however, and not theoretical. RSA encryption would be broken if an efficient algorithm were found for the problem of factoring. In 1994, Peter Shor invented an algorithm that can be used on a quantum computer to break RSA and other common public key systems. But the existing quantum computers are no faster than conventional computers and thus far unusable in actual practice.

[Image caption: Quantum computers need thousands of qubits to solve complex calculations and are thus highly susceptible to disturbances]

Quantum computing may be changing cryptography, but the ramifications for existing cryptographic systems differ widely: for most asymmetric cryptographic systems, the current advances could pose a danger whereas they will not influence symmetric cryptographic systems. One question remains, nevertheless: How will asymmetric cryptographic systems be able to be protected in future? Post-quantum cryptography (PQC) is wrestling with this question. This sub-field of cryptography deals with cryptographic primitives. Unlike most asymmetric cryptographic systems currently in use, these cryptographic primitives cannot be broken even using quantum computers.
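The one-way street described above, as an added example that is not part of the original article: a toy RSA key built from the article's primes 3,259 and 5,431, whose private key is then recovered from the public key alone by factoring the modulus. The public exponent 65537, the sample message and all function names are assumptions chosen for illustration; trial division is the simplest factoring method, not the fastest known.

```python
from math import gcd, isqrt

# Primes and product quoted in the article; everything else is assumed.
P, Q = 3259, 5431
N = P * Q                      # 17,699,629, the public modulus
E = 65537                      # assumed public exponent (a common choice)


def private_exponent(p, q, e):
    """Derive d from the secret primes: d * e = 1 (mod lcm(p-1, q-1))."""
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)
    return pow(e, -1, lam)     # modular inverse, Python 3.8+


def encrypt(message, e, n):
    """The easy direction: one modular exponentiation with the public key."""
    return pow(message, e, n)


def decrypt(cipher, d, n):
    """Equally easy, but only for whoever knows d."""
    return pow(cipher, d, n)


def factor_by_trial_division(n):
    """The hard direction: find p, q with n = p * q, counting divisions."""
    divisions = 1
    if n % 2 == 0:
        return 2, n // 2, divisions
    for candidate in range(3, isqrt(n) + 1, 2):
        divisions += 1
        if n % candidate == 0:
            return candidate, n // candidate, divisions
    raise ValueError("no non-trivial factor: n is prime")


def recover_private_exponent(n, e):
    """What someone holding only (n, e) must do: factor, then derive d."""
    p, q, divisions = factor_by_trial_division(n)
    return private_exponent(p, q, e), divisions


def worst_case_divisions(digits):
    """Odd candidates below the square root of a `digits`-digit product."""
    return isqrt(10 ** digits) // 2


if __name__ == "__main__":
    d = private_exponent(P, Q, E)
    c = encrypt(1234567, E, N)   # constructed sample message
    print("ciphertext:", c, "decrypted:", decrypt(c, d, N))
    stolen_d, work = recover_private_exponent(N, E)
    print("d recovered from the public key after", work, "divisions")
    print("divisions for a 100-digit product: about", worst_case_divisions(100))
```

At the article's 8-digit size the private key falls after 1,630 trial divisions, while the same loop on a 100-digit product would need on the order of 5 × 10^49, which is the gap that an efficient factoring algorithm such as Shor's would close.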